Initialize Android Zoom SDK failed with errorCode: 3, internalErrorCode: 124 when using JWT Token

Description
Hi all,
I’m trying to create an example Android app using Client SDK for Android. I have completed coding and testing for both join a meeting and log in and start meeting. It’s very interesting. However, I’m using the SDK key and SDK secret for this success case. When I try with JWT Token instead, I can’t initialize Zoom SDK successfully because there is an error with errorCode: 3 and internalErrorCode: 124. The JWT token is generated by using jwt.io, follow the instruction https://marketplace.zoom.us/docs/sdk/native-sdks/android/mastering-zoom-sdk/sdk-initialization. The following is one example for generating a JWT token:
Header:
{
“alg”: “HS256”,
“typ”: “JWT”
}
Payload:{
“appKey”: “SDK Key”,
“iat”: 1609426297,
“exp”: 1609429897,
“tokenExp”: 1609429897
}
Verify Signature
HMACSHA256(
base64UrlEncode(header) + “.” +
base64UrlEncode(payload),
SDK Secret
) secret base64 encoded

I need to demo using JWT Token. So, I hope will receive an answer from the support team soon. Thanks!

Which version?
5.2.42043.1112

To Reproduce(If applicable)
Steps to reproduce the behavior:

  1. Go to ‘…’
  2. Click on ‘…’
  3. Scroll down to ‘…’
  4. See error

Screenshots
If applicable, add screenshots to help explain your problem.

Smartphone (please complete the following information):

  • Device: Samsung J7 Pro
  • OS: Android 9
  • Version [e.g. 22]

Additional context
Add any other context about the problem here.

1 Like

Hi @nguyenxuanquy91, thanks for using our SDK.

The error you are seeing is related to your device being unable to connect to the internet. Please ensure that your device has a network connection, either via wifi or mobile data.

Thanks!

Hi @jon.lieblich,
Thanks for your reply. But I’m sure that my device has an internet connection (i.e. wifi) because I test joining a meeting successfully with SDK key & secret. Please help to double-check.

Hi @nguyenxuanquy91,

Please provide the following information so that we may better assist:

  • Are you able to reproduce this in our sample app?
  • Device logs from the session where this is present (please ensure logs are enabled when initializing the SDK)

Thanks!

Hi @jon.zoom,
Please see my reply inline as the following. Thanks!

Hi @nguyenxuanquy91,

The only way I have been able to reproduce this error code while using JWT for initialization is by disconnecting from my network before initializing. If you are using the same credentials in your JWT as you are when using the raw key/secret, this should be working.

Regarding your logs, please ensure that you are setting ZoomSDKInitParams.engableLog to true and setting a logSize on that same object when initializing the SDK.

Lastly, I noticed your JWT has a very short window of validity (exp - iat). You may encounter issues with this expiring before you are able to. use it, so I recommend increasing the window while you are testing with it.

Thanks!

Hi @jon.zoom,
I don’t know why the initialization working with raw SDK key/secret, but not working with JWT Token. So, I need help from the support team. I set the exp time = iat + 3600, meaning the JWT Token is expired after one hour, it’s not a short time.
When I disconnect my network, the error is errorCode=3, internalErrorCode=5003. The errorCode still is 3, but internalErrorCode is 5003, not be 124 as before.

Regarding the logs, I don’t change the sample code. So, it already set enableLog to true and logSize = 5.

Thanks!

Hi @nguyenxuanquy91,

I don’t know why the initialization working with raw SDK key/secret, but not working with JWT Token.

Agreed, it doesn’t make a lot of sense that this error would show up for one but not the other since they both use the same authentication service.

I set the exp time = iat + 3600, meaning the JWT Token is expired after one hour, it’s not a short time.

Yes, this is a relatively longer window, but if you are testing over the course of a few hours, it will expire unless you are repeatedly generating new tokens. I just wanted to make sure you were aware of this, which it seems like you are. :slightly_smiling_face:

Regarding the logs, I don’t change the sample code. So, it already set enableLog to true and logSize = 5.

This should enable logs on your device. Another factor which may prevent logs is if you are running a release version of your app. Typically debug logs are configured to only print if using a debug build.

Thanks!

Hi @jon.zoom,
Thanks for your help. How I can share log files with you?

Hi @nguyenxuanquy91,

If you would like to just share the file directly, the easiest way to do so would be sending it to developersupport@zoom.us.

Thanks!

Hi @jon.zoom ,
I sent the email to share the log files. Please take a look.
Thanks!

Hi @nguyenxuanquy91, thanks for sending the logs over.

We will look into this and let you know as soon as we have an update. In the meantime, please don’t hesitate to reach back out if you run into any other issues with the SDK. :slightly_smiling_face:

Thanks!

Hi @jon.zoom,
Yep. Thanks for your help!

Hi @nguyenxuanquy91,

We have only been able to reproduce this error code when the JWT is invalid. We did not find any information in the logs indicating otherwise. Let’s make sure that nothing is being lost when generating the actual JWT value.

Can you please provide a screenshot of the JWT payload in the debugger at jwt.io? As a reminder, be sure to either replace your developer credentials with an arbitrary value or exclude the value of that field from the screenshot.

Thanks!

Hey all, I been struggle bussing thru but I finally got the jwt working.

Here is my Android Kotlin JWT function>>> HOPE IT HELPS OTHERS.

private fun getJWTToken() : String? {
        val time = System.currentTimeMillis()/1000

        val header = "{\"alg\": \"HS256\", \"typ\": \"JWT\"}"
        val payload = "{\"appKey\": \"" + BuildConfig.YOUR_ZOOM_SDK_KEY + "\"" +
            ""+ ", \"iat\": " + time + ", \"exp\": " + (time + 86400) + ", \"tokenExp\": " + (time + 2800) + "}"

        try {
            val headerBase64Str: String =
                encodeToString(header.toByteArray(charset("utf-8")), NO_WRAP or NO_PADDING or URL_SAFE)
            val payloadBase64Str: String =
                encodeToString(payload.toByteArray(charset("utf-8")), NO_WRAP or NO_PADDING or URL_SAFE)
            val mac: Mac = Mac.getInstance("HMACSHA256")
            val secretKeySpec = SecretKeySpec(BuildConfig.YOUR_ZOOM_SDK_SECRET_KEY.toByteArray(), "HMACSHA256")
            mac.init(secretKeySpec)
            val digest: ByteArray = mac.doFinal("$headerBase64Str.$payloadBase64Str".toByteArray())
            return "$headerBase64Str.$payloadBase64Str." + encodeToString(
                digest,
                NO_WRAP or NO_PADDING or URL_SAFE
            )
        } catch (e: NoSuchAlgorithmException) {
            e.printStackTrace()
        } catch (e: UnsupportedEncodingException) {
            e.printStackTrace()
        } catch (e: InvalidKeyException) {
            e.printStackTrace()
        }
        return null
    }

Hi @ozan, thanks for using the dev forum.

We appreciate you providing this util! Please keep in mind that for security purposes, we do not recommend generating your JWT within your app. This util can be helpful for testing purposes, but in a production app we recommend generating the token within your own secure servers. :slightly_smiling_face:

Thanks!